Security News > 2022 > May > Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory

Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution.
"The vulnerability was specific to the third-party Open Database Connectivity driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime and did not impact Azure Synapse as a whole," the company said.
In other words, a malicious actor can weaponize the bug to acquire the Azure Data Factory service certificate and access another tenant's Integration Runtimes to gain access to sensitive information, effectively breaking tenant separation protections.
That said, the Redmond-based company has shared Microsoft Defender for Endpoint and Microsoft Defender Antivirus detections to protect customers from potential exploitation, adding it's working to bolster the security of third-party data connectors by working with driver vendors.
The findings come a little over two months after Microsoft remediated an "AutoWarp" flaw impacting its Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control.
Last month, Microsoft also resolved a pair of issues - dubbed "ExtraReplica" - with the Azure Database for PostgreSQL Flexible Server that could result in unapproved cross-account database access in a region.
News URL
https://thehackernews.com/2022/05/microsoft-mitigates-rce-vulnerability.html
Related news
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach (source)